Software developers invest considerable resources in the development and maintenance of computer software. This investment often results in the development of proprietary algorithms that are advantageous over those used by the competition and which the developer would like to keep secret so as to leverage the superiority of the algorithm. In addition to proprietary algorithms, software may also contain embedded secrets such as cryptographic keys. Because of the plethora of important information, software is often the target of various reverse engineering efforts to dissect, analyze, and discover how it works.
To minimize reverse engineering efforts, attackers often attempt to locate higher value code by identifying known code patterns or characteristics. For example, an implementation of AES-128 can include a nested loop where the outer loop is executed 10 times and the inner loop is executed 16 times. An attacker can use these characteristics to identify a section of code that implements AES-128 and then focus reverse engineering efforts on that section of code, while ignoring other code sections of lower value to the attacker. To increase the reverse engineering effort, software developers have applied various protection mechanisms that attempt to hide or disguise high value code. For example, a software developer may apply one or more code obfuscation techniques to a cryptographic routine to disguise known code patterns. Such techniques can be successful at increasing the effort required to reverse engineer a section of code, but they can also have negative side effects, such as decreasing performance. Additionally, they may not be applied uniformly across the program so an attacker may still be able to classify sections of code as lower and higher value even if the class of higher value code is larger than it would have been without the obfuscation.